Golang Samber Mo
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a documentation-only Go coding skill with normal project-editing and dependency-setup capabilities, and the provided artifacts do not show hidden data access, persistence, or exfiltration.
This skill appears safe for normal Go library assistance. Before installing, be comfortable with an agent reading and editing your project files, running Go/lint/git commands, and optionally adding the samber/mo dependency; review all generated changes before committing them.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent may make code changes or run repository commands while helping adopt samber/mo.
The skill is allowed to edit project files and run Go, lint, and git commands. This is purpose-aligned for a coding skill, but it can affect the user's working tree if used.
allowed-tools: Read Edit Write Glob Grep Bash(go:*) Bash(golangci-lint:*) Bash(git:*) Agent WebFetch ...
Review diffs and any git/go command effects before accepting changes, especially in shared or production repositories.
Running the setup command can update go.mod/go.sum and pull the current module version according to Go's module resolution.
The skill documents adding an external Go module. This is expected for its purpose and shown as a setup command, but it is not pinned to a specific version in the example.
go get github.com/samber/mo
Use your project's normal dependency review process and pin or verify the module version if reproducibility matters.